0
  • No products in the cart.
Total:0,00 
 

Privacy and Security

Privacy policy

This statement describes how we, as the data controller, store your personal data in connection with our website, within the internal framework of your goods purchase, and when contacting us. The general provisions apply to all processing operations.

The legal basis for the processing of personal data is the EU General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG), and the Telecommunications Act (TKG) in their respective valid versions.

1 Name and Contact Details of the Data Controller
BADX GmbH
Jöß-Gewerbegebiet209
ATU70580007
FN 450170s Regional Court for ZRS Graz
Tel.: +43 664 8588989
Email: info@x-grip.at
(hereinafter referred to as “BADX” or “X-GRIP”)

2 General Provisions
2.1 Data Security
BADX employs technical and organizational security measures to protect stored personal data against accidental or intentional manipulation, loss, or destruction and against unauthorized access. Our security measures are continuously improved in line with technological progress.

2.2 Your Rights Regarding Personal Data
You have the right to:
• check whether and what personal data we have stored about you and to receive copies of this data,
• request correction, supplementation, or deletion of your personal data that is incorrect or not processed in accordance with the law,
• request us to restrict the processing of your personal data,
• object to the processing of your personal data under certain circumstances or to revoke the consent given for processing,
• request data portability,
• know the identity of third parties to whom your personal data is transmitted, and
• lodge a complaint with the competent authority.

2.3 Complaint Option
You have the right to lodge a complaint about the processing of your personal data with the competent supervisory authority. In Austria, the Data Protection Authority is responsible.

3 The Website www.x-grip.at
3.1 Website Visitors
3.1.1 Processed Data and Purpose of Processing
The following information about you is collected during your visit. There is no obligation to provide this data.
• anonymized IP address
• date and time of access
• name and URL of the accessed file
• website from which the access occurs (referrer URL)
• used browser and, if applicable, the operating system of your computer, as well as the name of your access provider, and
• certain cookies (see below)

This is done to provide you with this website and to further improve and develop it, to create usage statistics, and to detect, prevent, and investigate attacks on our website.

3.1.2 Legal Basis
The legal basis for the processing of this data is our predominant legitimate interest (in accordance with Art. 6 (1) lit f GDPR), which is to achieve the purposes mentioned above.

3.1.3 Duration of Storage
We only store anonymized IP addresses of website visitors. The establishment of a personal reference is no longer possible.

3.2 Registered Customers
3.2.1 Processed Data and Purpose of Processing
If you create a customer account with us, the following information about you is collected and processed. All this data is based on your information. There is no obligation to provide this data, but if you do not, you will not be able to use all functions of the website and make purchases.

To submit and receive orders, you can also place a guest order as an unregistered customer, even if you do not want to create a customer account.

We store and process the following data from registered users.
• Email address
• Password

The email address is used to contact you regarding the sending of order confirmations and any inquiries. Furthermore, the email address and password serve for authentication as a registered user on our website.
• Name/First name
• Company name if applicable

The processing of this data is for identification purposes.
• Address, possibly several stored addresses, consisting of first name, last name, email address, phone, possibly company, address (country, postal code, city, street, house number)

The processing of this data is for the delivery and order processing (billing and shipping address) of your order and for contacting you for inquiries. To allow you to separate billing and shipping addresses and manage multiple delivery addresses easily, the option to store multiple addresses is available.
• Previous orders

The processing of this data is for the management of order cancellations, cancellations, or complaints about individual items.
• Payment method
• Shipping method

The processing of this data is for determining how you want to pay for and receive your goods. The entry of payment data itself takes place directly with the respective provider and not on our website.
• anonymized IP address
• Date of the first visit
• Date of the last visit
• Last visited page

The processing of this data is for the detection, prevention, and thwarting of fraudulent orders, protection of honest customers, as well as for creating usage statistics and improving the website.

3.2.2 Legal Basis
The legal basis for the processing of your personal data is Art. 6 (1) lit b GDPR. Furthermore, processing is in our predominant legitimate interest according to Art. 6 (1) lit f GDPR, which is to fulfill the purposes mentioned above.

3.2.3 Duration of Storage
The registered data is stored as long as your account exists and thereafter only for as long as legal obligations require.

3.3 Non-registered Customers – Guest Orders
3.3.1 Processed Data and Purpose of Processing
It is possible to place an order in our online shop without registering. All this data is based on your information. There is no obligation to provide this data, but if you do not, you will not be able to use all functions of the website and place orders.

We store and process the following data from guest orders:
• Name/First name
• Email address
• Phone
• Company name if applicable
• Address (country, postal code, city, street, house number)

The processing of this data is for identification purposes. Furthermore, the processing of this data is for the delivery and order processing (billing and shipping address) of your order and for contacting you for inquiries.
• Payment method
• Shipping method

The processing of this data is for determining how you want to pay for and receive your goods. The entry of payment data itself takes place directly with the respective provider and not on our website.
• anonymized IP address
• Date of the first visit
• Date of the last visit
• Last visited page

The processing of this data is for the detection, prevention, and thwarting of fraudulent orders, protection of honest customers, as well as for creating usage statistics and improving the website. See also point 3.1.

3.3.2 Legal Basis
The legal basis for the processing of your personal data is Art. 6 (1) lit b GDPR. Furthermore, processing is in our predominant legitimate interest according to Art. 6 (1) lit f GDPR, which is to fulfill the purposes mentioned above.

3.3.3 Duration of Storage
Your data is stored as long as necessary to fulfill the order and thereafter as long as legal obligations require.

3.4 Payment Data – Providing Your Personal Data
For the payment processing of your orders, we have commissioned the payment service provider Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden (“Klarna”). Klarna has committed itself to comply with data protection regulations towards us. Data processing agreements in accordance with Art. 28 GDPR have been concluded.

You cannot enter your payment data directly on our website but in a separate portal by Unzer. Your entries are not visible to us and are neither processed nor transmitted to third parties by us. An exception is made for your bank data (name of account holder, bank account, BIC) in the case of orders with Sofortüberweisung, which are visible in the portal of Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany (“Sofort”). This data is used exclusively for chargebacks in the event of revocations. This data is used by us in strict confidence and is only accessible to the person entrusted with it.

For the payment processing of your order by cash on delivery, we have commissioned the Austrian Post AG, Rochusplatz 1, 1030 Vienna (“Post”). Your name and address will be transmitted to Post for delivery and payment processing. Post has committed itself to comply with data protection regulations towards us. A data processing agreement in accordance with Art. 28 GDPR has been concluded.

Further information on data protection at Klarna can be found here.
Further information on data protection at Sofort can be found here.
Further information on data protection at the Post can be found here.

3.5 Google Analytics
This website uses Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses so-called “cookies,” text files that are stored on your computer and enable an analysis of your use of the website. We process your data on the basis of our predominant legitimate interest in creating a cost-effective website access statistics that is easy to use (Art. 6 (1) lit f GDPR).

The information generated by the cookie about your use of this website (including your IP address and the URLs of the web pages accessed) is transmitted to servers of Google in the third country of the USA and stored there. We do not store any of your data collected in connection with Google Analytics.

This website uses the IP anonymization feature offered by Google Analytics. Your IP address will be shortened/anonymized by Google as soon as Google receives your IP address. On our behalf, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide us with other services related to website usage and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data by Google.

User and event data will be stored in Google Analytics for 26 months after the last user activity.

You can prevent the storage of cookies by adjusting your browser software accordingly. However, we would like to point out that in this case, you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting your data in connection with Google Analytics by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Google is certified under the US-EU Privacy Shield agreement and thus committed to complying with EU data protection requirements. Furthermore, we have concluded a contract for order data processing with Google in accordance with Art. 28 GDPR.

More information on Google’s terms of use and Google’s privacy policy can be found at https://marketingplatform.google.com/about/analytics/terms/de/ or at https://policies.google.com/privacy?hl=at&gl=at.

3.6 Google Maps
To display locations, we use Google Maps, a map service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

When you use Google Maps, information about the use of the Maps features is transmitted to a Google server in the USA, e.g.
• Date and time of the visit to the website
• Device data
• Internet address
• IP address
• For route planning, the entered address

We would like to point out that we have no influence on which personal data is transmitted to Google for the use of Google Maps.

The terms of use and further information from Google Maps can be found here https://www.google.com/intl/de_de/help/terms_maps.html. Google’s privacy policy can be found here https://policies.google.com/privacy?hl=de.

3.7 Cookies, Sessions, and Logfiles
This website uses so-called cookies. A cookie is a small text file that can be stored on your computer when you visit a website. In principle, cookies are used to provide users with additional functions on a website. They can be used, for example, to facilitate navigation on a website, allow you to continue using a website where you left off, and/or save your preferences and settings when you visit the website again. Cookies cannot access, read, or modify any other data on your computer.

Most of the cookies on this website are so-called session cookies. They are automatically deleted when you leave our website. Persistent cookies, on the other hand, remain on your computer until you manually delete them from your browser. We use such persistent cookies to recognize you when you visit our website again. This is in our legitimate interest according to Art. 6 (1) lit f GDPR to maintain your shopping cart and display personalized products on the homepage and product view.

No personal data is stored in cookies, sessions, and log files. Furthermore, these files cannot transfer viruses, spy on data on your computer, or send emails unnoticed. Also, each web server can only read the cookies it has set itself.

If you want to control cookies on your computer, you can choose your browser settings to receive a notification when a website wants to save cookies. You can also block or delete cookies if they have already been stored on your computer. If you would like to know more about how to take these steps, please use the “Help” function in your browser. Please note that blocking or deleting cookies may affect your online experience and prevent you from fully using this website.

4 Internal Processing of Your Orders
4.1 System Maintenance – Transmission of Your Personal Data
For the maintenance of our IT system, we have commissioned IT service providers who, in the course of their activities, may have access to your personal data. They have committed themselves to comply with data protection regulations towards us. Data processing agreements in accordance with Art. 28 GDPR have been concluded.

4.2 Legal Basis for Processing
The legal basis for the processing of your personal data is Art. 6 (1) lit b GDPR. Furthermore, processing is in our predominant legitimate interest according to Art. 6 (1) lit f GDPR, which is to fulfill the purposes mentioned above.

4.3 Duration of Storage
The data is stored during the entire business relationship (from the initiation and processing of a contract) and beyond, in accordance with legal retention and documentation obligations arising, among other things, from the Commercial Code (UGB) and the Federal Fiscal Code (BAO), as well as until the termination of any legal disputes, ongoing warranty, guarantee, and limitation periods. An overview of the periods can be found here.

5 Other communication with X-GRIP

5.1 Contacting X-GRIP

When you contact us through the form on our website or via email – for example, in the course of an inquiry, for an order, or for a warranty case – your provided data will be stored for the purpose of processing the request and in case of follow-up questions. When contacting us, it is up to you to decide which data to provide. However, not providing certain data – such as your name and address – may result in us being unable to process your request.

5.2 Legal basis for processing The legal basis for processing is Art. 6(1) lit. b GDPR. Additionally, processing is in our legitimate interest according to Art. 6(1) lit. f GDPR to fulfill the purposes mentioned above.

5.3 Duration of storage The data will be stored for a period of 6 months. Data related to orders may be stored for a longer duration, as indicated above.